The candidate must understand federal ICAM standards and be able to advise on practical implementation across enterprise applications, cloud environments, DevSecOps delivery teams, and production support operations.
Key Responsibilities
• Support ICAM roadmap planning across SSO, LACS/AuthZ, PAM, PKI, account management, OAuth/OIDC, secrets management, and ePACS.
• Evaluate current ICAM solutions against agency needs and recommend COTS, open-source, or custom approaches.
• Support stakeholder alignment across ICAM, ISD, OIT, USCIS, DHS, and external application teams.
• Help identify security, process, and architecture gaps in existing ICAM implementations.
• Provide guidance on Zero Trust, least privilege, PIV enablement, ABAC/RBAC, federation, certificate lifecycle, and privileged access.
• Support development of technical documentation, executive briefings, process flows, and implementation recommendations.
• Contribute to proposal/oral presentation preparation where real technical expertise is required.
Required Qualifications
• Knowledge of current commercial and open-source ICAM products, including their capabilities, strengths, and weaknesses.
• Certification or training in at least one recognized identity, access, or security area: CIAM, CISSP, GDA, CAMS, CompTIA Security+, or FICAM-related training.
• Ability to advise on enterprise SSO, PIV, OAuth/OIDC, PKI, PAM, secrets management, and access governance.
• Ability to obtain favorable EOD / suitability and maintain required USCIS access.
• U.S. citizenship likely required for DHS IT access unless waiver is granted — confirm before final posting.
Preferred Qualifications
• Experience with PIV authentication, HSPD-12, FICAM, Zero Trust, and federal identity governance.
• Experience with Shibboleth, CyberArk, UAA, OAuth/OIDC, PKI, certificate lifecycle automation, or ABAC/RBAC implementation.
• Experience advising Agile DevSecOps teams on identity integration patterns.
• Experience supporting audits, security findings, POA&Ms, or FISMA reporting.